<?php

	
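	// Access gate: the request may continue only if it carries a "username" cookie.
	// NOTE(review): as far as this file shows, the cookie's presence is the entire
	// check and its value is client-supplied, so it does not prove a login took
	// place. A server-side session populated by login.php after credential
	// verification would be needed to make this an authentication control; a
	// per-form anti-CSRF token is also absent here. Confirm against login.php.
	if( !isset($_COOKIE["username"]) || !is_string($_COOKIE["username"]) ){
		header("Location:login.php");
		// header() only queues the redirect. Without exit the script would carry on
		// and write the patient record for a request that failed the gate.
		exit;
	}else{
		// Sliding expiry: re-issue the cookie for another 900 seconds (15 minutes).
		// NOTE(review): no HttpOnly/Secure/SameSite attributes are set; left as-is
		// because other pages or scripts may read this cookie - confirm and tighten.
		setcookie("username", $_COOKIE["username"],time() + 900);
	}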
	
	include_once 'json_function.php';
	// Database settings are read from config/config.ini; the keys used below are
	// host, username, password and db_name.
	$ini_array = parse_ini_file("config/config.ini");

	// Open the connection. The "@" hides PHP's own connection warning so that, on
	// failure, only the fixed message below reaches the client.
	$conn = @mysqli_connect(
		$ini_array["host"],
		$ini_array["username"],
		$ini_array["password"],
		$ini_array["db_name"]
	);
	if( !$conn ){
		die("cann't connect the mysql db");
	}

	// The connection charset must be set through mysqli_set_charset() (not a
	// "SET NAMES" query) because mysqli_real_escape_string() escapes according to
	// the charset the client library knows about.
	mysqli_set_charset($conn, "utf8");
	// Default charset PHP announces for its own output.
	ini_set('default_charset', "UTF-8");
	
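	// Reads one POST field as text and escapes it for use INSIDE a quoted SQL
	// string literal. A missing field or a non-string value (e.g. an array sent as
	// name[]=...) is treated as the empty string instead of raising a PHP error.
	$postText = function ($key) use ($conn) {
		$raw = ( isset($_POST[$key]) && is_string($_POST[$key]) ) ? $_POST[$key] : "";
		return mysqli_real_escape_string($conn, $raw);
	};

	// Reads one POST field that is later concatenated into SQL WITHOUT quotes.
	// mysqli_real_escape_string() gives no protection in that position (there is
	// no quote to break out of), so the value has to be plain decimal digits.
	// Returns the digit string, $whenEmpty for a blank/missing field, or false
	// when the field holds anything else.
	$postNumber = function ($key, $whenEmpty) {
		$raw = ( isset($_POST[$key]) && is_string($_POST[$key]) ) ? trim($_POST[$key]) : "";
		if( $raw === "" ){
			return $whenEmpty;
		}
		return ( preg_match('/^[0-9]+$/D', $raw) === 1 ) ? $raw : false;
	};

	// Numeric identifiers. A blank patientNo means "new patient" (0); a blank
	// doctorNo becomes the SQL keyword null.
	// NOTE(review): assumes Patient_no and doctor_no are non-negative integer
	// columns, which the unquoted use in the statements suggests - confirm schema.
	$patientNo = $postNumber("patientNo", "0");
	$doctorNo = $postNumber("doctorNo", "null");
	if( $patientNo === false || $doctorNo === false ){
		// Reject rather than coerce: nothing has been written to the database yet.
		echo "{\"data\":{\"status\":\"fail\",\"msg\":\"invalid patientNo or doctorNo\"}}";
		exit;
	}
	$patientNo = (int)$patientNo;

	// Free-text and date fields; every one of these is placed between single
	// quotes when the SQL statements are built, so escaping is sufficient.
	$patientFirstName = $postText("patientFirstName");
	$patientSurname = $postText("patientSurname");
	$mobile = $postText("mobile");
	$address = $postText("address");
	$landline = $postText("landline");
	$sex = $postText("sex");
	$portrait = $postText("portraitHidden");
	$dateBirth = $postText("dateBirth");
	$pastHistory = $postText("pastHistory");
	$drugsAllergies = $postText("drugsAllergies");
	$insurer = $postText("insurer");
	$insurerNo = $postText("insurerNo");
	$holderName = $postText("holderName");
	$dateLastAK = $postText("dateLastAK");
	$dateLastSL = $postText("dateLastSL");
	$dateLastWait = $postText("dateLastWait");

	// NOTE(review): this value is stored in the "included" column and comes from
	// the form, not from the identity checked at the top of the script, so the
	// client chooses it freely. Presumably it records who entered the patient -
	// if so it should be taken from the authenticated user instead. Confirm.
	$username = $postText("username");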
	

	

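	// Save the submitted patient:
	//   - patientNo 0                      -> insert, id assigned by the database
	//   - patientNo given, row not present -> insert with that explicit Patient_no
	//   - patientNo given, row present     -> update that row
	// The reply is the JSON text {"data":{status, patientNo, type[, msg]}} passed
	// through JsonCharFilter() from json_function.php.
	//
	// NOTE(review): $patientNo and $doctorNo are concatenated into the statements
	// WITHOUT quotes, so escaping alone does not protect them; they must already
	// be strictly numeric (or the keyword null for $doctorNo) when this runs.
	// Prepared statements (mysqli_prepare / bind_param) would remove that
	// dependency and are the recommended follow-up for this script.

	// Wraps an already-escaped dd/mm/yyyy string in MySQL's str_to_date().
	$dateExpr = function ($value) {
		return "str_to_date('".$value."','%d/%m/%Y')";
	};

	// Decide between insert and update by checking whether the row exists.
	$isUpdate = false;
	$lookupOk = true;
	if( $patientNo != 0 ){
		$getPatientCount = "select count(*) count from patient where Patient_no=".$patientNo;
		$countResult = mysqli_query($conn, $getPatientCount);
		// A failed lookup used to reach mysqli_fetch_array(false); it is now
		// reported as an ordinary failure and no write is attempted.
		$row = $countResult ? mysqli_fetch_array($countResult) : null;
		if( $row ){
			$isUpdate = ( $row["count"] != 0 );
		}else{
			$lookupOk = false;
		}
	}
	$type = $isUpdate ? "Update" : "Add";

	// Column name => SQL value expression. Optional fields are left out when the
	// form sent them blank, so existing values are kept on update and column
	// defaults apply on insert.
	$columns = array();
	$columns["First_name"] = "'".$patientFirstName."'";
	$columns["Surname"] = "'".$patientSurname."'";
	$columns["sex"] = "'".$sex."'";
	if( $dateBirth !== "" ){
		$columns["Date_birth"] = $dateExpr($dateBirth);
	}
	if( $insurerNo !== "" ){
		$columns["insurer_no"] = "'".$insurerNo."'";
	}
	if( $dateLastAK !== "" ){
		$columns["date_last_ak"] = $dateExpr($dateLastAK);
	}
	if( $dateLastSL !== "" ){
		// Fix: the auto-id insert path wrote this date to date_last_ak, which
		// listed that column twice and never stored date_last_sl.
		$columns["date_last_sl"] = $dateExpr($dateLastSL);
	}
	if( $dateLastWait !== "" ){
		$columns["date_last_wait"] = $dateExpr($dateLastWait);
	}
	$columns["mobile"] = "'".$mobile."'";
	$columns["landline"] = "'".$landline."'";
	$columns["address"] = "'".$address."'";
	$columns["portrait_file"] = "'".$portrait."'";
	$columns["past_history"] = "'".$pastHistory."'";
	$columns["insurer"] = "'".$insurer."'";
	$columns["holder_name"] = "'".$holderName."'";
	$columns["drugs_allergies"] = "'".$drugsAllergies."'";
	$columns["doctor_no"] = $doctorNo;

	if( $isUpdate ){
		// "included" is written only on insert, so an update leaves it untouched.
		$assignments = array();
		foreach( $columns as $name => $expr ){
			$assignments[] = $name."=".$expr;
		}
		$sql = "update patient set ".implode(",", $assignments)." where Patient_no=".$patientNo;
	}else{
		$columns["included"] = "'".$username."'";
		if( $patientNo != 0 ){
			// Caller supplied an id that does not exist yet: insert it explicitly.
			$columns = array("Patient_no" => $patientNo) + $columns;
		}
		$sql = "insert into patient(".implode(",", array_keys($columns)).")values(".implode(",", $columns).")";
	}

	$result = $lookupOk ? mysqli_query($conn, $sql) : false;

	$data = "{\"data\":{";
	if( $result ){
		if( !$isUpdate && $patientNo == 0 ){
			// Id generated by the insert that just ran on this connection.
			$patientNo = mysqli_insert_id($conn);
		}
		$data .= "\"status\":\"success\", \"patientNo\":\"".$patientNo."\",\"type\":\"".$type."\"}}";
	}else{
		// The raw mysqli_error() text is no longer sent to the browser: it exposes
		// table/column names and can quote submitted patient data. Only the
		// numeric code and SQLSTATE go to the server log, for the same reason.
		error_log("patient save failed: errno=".mysqli_errno($conn)." sqlstate=".mysqli_sqlstate($conn));
		// Fix: a failed update used to be reported with type "Add".
		$data .= "\"status\":\"fail\",\"type\":\"".$type."\",\"msg\":\"database error\"}}";
	}
	echo JsonCharFilter($data);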
?>
